Denying Or Allowing Individual Commands; Template Accounts - Juniper J-Series Administration Manual
Juniper networks router administration guide
Hide thumbs
Also See for J-Series:
- Hardware manual (280 pages) ,
- Quick start manual (16 pages) ,
- Quick start manual (24 pages)
Table of Contents
Advertisement
Table 7: Permission Bits for Login Classes (continued)
Permission Bit
routing-control
secret
secret-control
security
security-control
shell
snmp
snmp-control
system
system-control
trace
trace-control
view
Denying or Allowing Individual Commands
By default, all top-level CLI commands have associated access privilege levels. Users
can execute only those commands and view only those statements for which they
have access privileges. For each login class, you can explicitly deny or allow the use
of operational and configuration mode commands that are otherwise permitted or
not allowed by a permission bit.
Template Accounts
You use local user template accounts when you need different types of templates.
Each template can define a different set of permissions appropriate for the group of
users who use that template. These templates are defined locally on the Services
Router and referenced by the TACACS+ and RADIUS authentication servers.
Access
Can view general routing, routing protocol, and routing policy configuration information
and configure general routing (at the
protocols (at the
[edit protocols]
hierarchy level).
policy-options]
Can view passwords and other authentication keys in the configuration.
Can view passwords and other authentication keys in the configuration and can modify
them in configuration mode.
Can view security configuration in configuration mode and with the
operational mode command.
Can view and configure security information (at the
Can start a local shell on the router by entering the
Can view SNMP configuration information in configuration and operational modes.
Can view SNMP configuration information and configure SNMP (at the
hierarchy level).
Can view system-level information in configuration and operational modes.
Can view system-level configuration information and configure it (at the
hierarchy level).
Can view trace file settings in configuration and operational modes.
Can view trace file settings and configure trace file properties.
Can use various commands to display current systemwide, routing table, and
protocol-specific values and statistics.
Chapter 1: Managing User Authentication and Access
[edit routing-options]
hierarchy level), routing
hierarchy level), and routing policy (at the
[edit security]
start shell
User Authentication Overview
[edit
show configuration
hierarchy level).
command.
[edit snmp]
[edit system]
7
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
